Null-dereference READ in blink::LocalFrame::Client |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5677528812093440 Fuzzer: ochang_domfuzzer Job Type: linux_msan_content_shell_drt Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000058 Crash State: blink::LocalFrame::Client blink::Document::open blink::Document::open Sanitizer: memory (MSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_msan_content_shell_drt&range=518240:518474 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5677528812093440 Additional requirements: Requires HTTP Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jan 25 2018
Automatically adding ccs based on suspected regression changelists: JS exposure of feature policy by loonybear@chromium.org - https://chromium.googlesource.com/chromium/src/+/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d Fixed bug where PlzNavigate CSP in a iframe did not get the inherited CSP by andypaicu@chromium.org - https://chromium.googlesource.com/chromium/src/+/209f225b2d51334eaf69ffdf002e25eaa1e0d448 If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.
,
Jan 26 2018
,
Jan 31 2018
,
Jul 4
blink::LocalFrame::Client => Blink>Internals as per core/frame/OWNERS
,
Jul 5
ClusterFuzz testcase 5677528812093440 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ClusterFuzz
, Jan 25 2018Labels: Test-Predator-Auto-Components